From: Steve Hideg (hideg@saintmarys.edu)
Date: Tue Dec 23 2003 - 12:48:03 CST
I did a presentation on my enhancements to netreg (including a virus
"jail") at the 2003 ResNet conference.
The presentation (in various formats) and source code are freely available at:
http://www.saintmarys.edu/~hideg/netreg/
Since that conference, I've enhanced the blocking mechanism further.
Our administrators can now specify virus, DMCA, windows patch level,
and a generic blocking reason, each with its own web page to redirect
blocked machines to.
The mechanism sends an optional email notice to the student as well
as email informing the RCCs.
Our ResNet administrator likes it.
++Steve
At 11:59 AM -0500 12/23/03, Eric Gauthier wrote:
>Mike,
>
>We've done a pretty robust "host jail" (we call it "quarantining") that
>we're integrating with our security team for DMCA and Worm/Virus stuff as
>well as our abuse team for Spamers. I did a short, generic write-up at:
>
> http://www.roxanne.org/~eric/blaster.html
>
>though most of the information there is likely old news for you. If you'd
>like the under-the-hood details, drop me a email.
>
>On a side note, I'm working on a technical presentation on how we
>implemented the quarantine. If anyone else has done something similar,
>something different, or wants to send me their comments, I'd love to hear
>them as well. Once the talk/power-point is done, probably mid-January, I'll
>put it online and post a note to the group...
>
>Eric Gauthier
> Network Engineer
> 617-353-8218 ~^~ elg@bu.edu
>Boston University - Office of IT
>
>-----Original Message-----
>From: owner-netreg@southwestern.edu
>[mailto:owner-netreg@southwestern.edu]On Behalf Of King, Michael
>Sent: Monday, December 22, 2003 6:07 PM
>To: netreg@southwestern.edu
>Subject: NetReg: Host Jails
>
>
>I need to implement some kind of "Host Jail" for Virus and DMCA
>violations.
>
>I know Saint Mary's has a very nice implementation, but I'm not sure If
>I can make it fit my environment.
>
>Has anyone else implemented a "Host Jail" for NetReg.
>
>Mike
>**********************************************************************
>To unsubscribe from this list, send an e-mail message to
>majordomo@southwestern.edu containing a single line with the words:
>unsubscribe netreg
>Send requests for assistance to: owner-netreg@southwestern.edu
>**********************************************************************
>
>**********************************************************************
>To unsubscribe from this list, send an e-mail message to
>majordomo@southwestern.edu containing a single line with the words:
>unsubscribe netreg
>Send requests for assistance to: owner-netreg@southwestern.edu
>**********************************************************************
**********************************************************************
To unsubscribe from this list, send an e-mail message to
majordomo@southwestern.edu containing a single line with the words:
unsubscribe netreg
Send requests for assistance to: owner-netreg@southwestern.edu
**********************************************************************
This archive was generated by hypermail 2.1.4 : Thu Aug 12 2004 - 12:01:43 CDT